
I launch an EC2 instance with an AMI from the marketplace, which is called LAMP packaged by Bitnami.

After the instance is launched, I find I can only access its DNS name or IP via HTTP, not HTTPS. It seems that SSL is not installed by default.

So I search its documentation and find this: https://docs.bitnami.com/aws/faq/administration/generate-configure-certificate-letsencrypt/

I follow the instructions and run the following command:

sudo /opt/bitnami/bncert-tool

But after inputting the DNS name ec2-3-95-160-86.compute-1.amazonaws.com, it shows a warning:

Warning: The domain 'ec2-3-95-160-86.compute-1.amazonaws.com' resolves to a 
different IP address than the one detected for this machine, which is 
'3.95.160.86'. Please fix its DNS entries or remove it. For more info see: 
https://docs.bitnami.com/general/faq/configuration/configure-custom-domain/

I double-check the domain's DNS at https://dnschecker.org/ and confirm that ec2-3-95-160-86.compute-1.amazonaws.com resolves to 3.95.160.86.

So why do I still get this warning? Also, this warning prevents me from creating the SSL certificate for ec2-3-95-160-86.compute-1.amazonaws.com at all.

  • You'll want to set up a proper domain name and DNS A records pointing at the server before you try to get an SSL cert
    – Tim
    Commented Sep 16, 2021 at 23:57
  • Can I set up SSL for the DNS name ec2-3-95-160-86.compute-1.amazonaws.com instead of a custom domain example.com? I want to do this because I will use the EC2 instance as an origin for CloudFront, and using a custom domain example.com will cause a redirect loop.
    – alancc
    Commented Sep 17, 2021 at 1:04
  • Let's Encrypt has a few validation methods, you might manage it with the HTTP challenge letsencrypt.org/docs/challenge-types. Personally I would register the EC2 server as a subdomain - eg origin.example.com
    – Tim
    Commented Sep 17, 2021 at 1:10
  • @Tim, Thank you. I use origin.example.com and it works now.
    – alancc
    Commented Sep 17, 2021 at 5:47

1 Answer

Here's an answer to close things off.

The best approach here is to register a domain name for the server rather than using the EC2 domain name, set up DNS records, and create an A record for the server. Request a certificate for that domain name.

If you're using CloudFront, a domain such as origin.example.com can be useful, so that CloudFront can control the primary domain. Otherwise you can register any domain name you like.
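
An added example (not part of the original answer and not Bitnami's code): a pre-flight check, run before requesting the certificate, that compares what the machine's own resolver returns for a name with the server's public IP. It separates a wrong A record from a resolver that answers with a private RFC 1918 address, as EC2 public DNS names do when queried from inside the instance's VPC; the function names and sample addresses are constructed for illustration.

```python
"""Pre-flight DNS check before requesting a certificate (illustrative)."""
import ipaddress
import socket
import sys

# RFC 1918 ranges, listed explicitly: ipaddress.is_private also flags
# documentation ranges, which would misclassify the samples below.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def classify(expected_ip, resolved_ips):
    """Compare resolved IPv4 addresses with the server's public IP.

    Returns "match", "private-view", "mismatch" or "no-records".
    """
    expected = ipaddress.ip_address(expected_ip)
    addrs = [ipaddress.ip_address(a) for a in resolved_ips]
    if not addrs:
        return "no-records"
    if expected in addrs:
        return "match"
    # A private answer for a public name means this resolver serves an
    # internal view of the zone; a public resolver may answer differently.
    if any(a in net for a in addrs for net in RFC1918):
        return "private-view"
    return "mismatch"


def resolve(name):
    """Return the IPv4 addresses the local resolver gives for name."""
    try:
        infos = socket.getaddrinfo(name, None, family=socket.AF_INET,
                                   type=socket.SOCK_STREAM)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})


# Constructed sample data (documentation ranges, not values from the page).
SAMPLES = {
    "public resolver view": ("203.0.113.10", ["203.0.113.10"]),
    "in-VPC resolver view": ("203.0.113.10", ["172.31.5.20"]),
    "stale A record": ("203.0.113.10", ["198.51.100.7"]),
}

if __name__ == "__main__":
    if len(sys.argv) == 3:  # usage: script.py NAME PUBLIC_IP
        print(sys.argv[1], classify(sys.argv[2], resolve(sys.argv[1])))
    else:
        for label, (ip, answers) in SAMPLES.items():
            print(f"{label}: {classify(ip, answers)}")
```

A result of "private-view" or "mismatch" on the server itself, while an external checker shows the expected address, points at the resolver's view of the name rather than at the public A record.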
